Hi, for a small project I need to "intercept" all the network calls from any app on iOS (on devices of selected and consenting users). Since netstats does not work anymore on iOS 10, is there a way to do something similar with network extensions? Documentation is so poor on this relatively new topic. I have seen that, probably, something could be done by using the NEAppProxyProvider class. Am I wrong? If not, may someone provide some further explanation on how to use these NE features?
Accepted Reply
Hi, do you have any (good or bad) news?
Sorry, I didn’t see your earlier follow-up.
I just need to know, for each request, which app has made it, I don't need to modify it nor to do other operations on the requests.
The Network Extension infrastructure isn’t really set up for this. The closest match is the filter provider, but that has some serious limits:
it only works on supervised devices
it does not provide information about the requesting app
it takes extraordinary measures to prevent data from the requests escaping the provider
The app proxy providers (and packet tunnel providers in app proxy mode) are not really designed for this sort of monitoring; the architecture assumes that you have a server that your provider is tunnelling data through. Also, be aware that these per-app VPN mechanisms assume your running managed apps on a managed device.
Oh, btw, your posts so far have talked about “requests”. Does that indicate that you’re interesting only in HTTP[S]? Or are you looking for all network traffic (both TCP connections and UDP traffic).
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
Replies
I need to "intercept" all the network calls from any app on iOS (on devices of selected and consenting users).
Do you want to just see the traffic? Or modify it?
Do you need to know which app the traffic is coming from?
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
I just need to know, for each request, which app has made it, I don't need to modify it neither to do other operations on the requests.
Hi, do you have any (good or bad) news?
I really need an answer to this question, also a "no, you can't use network extensions to realize a so intrusive thing".
Thanks
Hi, do you have any (good or bad) news?
Sorry, I didn’t see your earlier follow-up.
I just need to know, for each request, which app has made it, I don't need to modify it nor to do other operations on the requests.
The Network Extension infrastructure isn’t really set up for this. The closest match is the filter provider, but that has some serious limits:
it only works on supervised devices
it does not provide information about the requesting app
it takes extraordinary measures to prevent data from the requests escaping the provider
The app proxy providers (and packet tunnel providers in app proxy mode) are not really designed for this sort of monitoring; the architecture assumes that you have a server that your provider is tunnelling data through. Also, be aware that these per-app VPN mechanisms assume your running managed apps on a managed device.
Oh, btw, your posts so far have talked about “requests”. Does that indicate that you’re interesting only in HTTP[S]? Or are you looking for all network traffic (both TCP connections and UDP traffic).
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
Actually I needed not only HTTP(S) traffic. But if there was a way for that kind of requests it would be a good starting point for our needs.